Threat of the month: Government agencies
Major technology manufacturer products are having their security circumvented.
What is it?
The continued leak of classified government intelligence documents by Edward Snowden draws into question the balance of offensive and defensive capabilities of governments. These documents show an ability to monitor a variety of communications and backdoor and embed into most major technology products. This leaves a potential imbalance of offensive capabilities to use against foreign targets while also knowingly allowing for weaknesses in domestic technology usage.
How does it work?
Major technology manufacturer products are having their security circumvented, or weaknesses leveraged, by domestic and foreign intelligence agencies in order to provide persistent backdooring of devices. This ranges from your standard off the shelf servers to networking equipment and a variety of PC based components. Once embedded in a system it is very difficult to detect and remove such backdoors which can continue to implant malware to provide access to your systems and information.
Should I be worried?
Yes, but probably not as much about your own government as a foreign government which has the same level of capabilities. The reality is these so called catalogues of spying implants, backdoors and devices is something that has been maintained by most modern countries since the birth of modern intelligence organizations and the time of the cold-war. These are just the modernized versions of toolkits and capabilities to reach the same end game that governments have sought for quite some time now; to understand their potential adversaries and in some cases as controlling tools by oppressive regimes.
How can I prevent it?
The level at which governments are currently backdooring low level devices components is not something that an average business can really prevent at this time.